CLX is ready for GDPR
And we will make sure you are too.
CEO, CLX Communications
What is GDPR?
GDPR (European General Data Protection Regulation) is a new set of regulations in force from the 25th May 2018. These rules have been created to strengthen and protect the personal data of European Union (EU) data subjects, and are designed to cover the rights of EU residents and citizens in terms of privacy, the protection of personal data, security of that data, and consumer consent in a world of increasing data flow between businesses and consumers across the world.
If you store and process data of anyone located in the EU or communicate with them then you are required to be GDPR compliant regardless of where you are based geographically.
GDPR updates and replaces the data protection laws currently in place, and is directly enforceable in each EU member state. GDPR will result in a lot of changes to the way that data is handled, tracked and stored for organizations in the EU.
Strong privacy, data protection and security are at the heart of our mission and as such we have been working diligently to prepare for the EU GDPR legislation and are fully compliant. We are committed to helping our customers be compliant with their Cloud Communications activities too.
Take a look at our Guide To GDPR & Enterprise Messaging for more information on what GDPR is and how to stay compliant, and if you’re a current CLX client, request our Data Protection Agreement to ensure you are covered legally for GDPR compliance.
If you have any questions concerning CLX GDPR polices and process, please email firstname.lastname@example.org.
What are we doing to ensure we are GDPR compliant?
Our Bespoke EEA Routing
We have created a European Economic Area (EEA) messaging infrastructure, to help enterprises meet GDPR compliance requirements.
Restricting File Storage
We are ensuring that log files are stored for the absolute minimum amount of time, after this time has passed, all data is anonymized.
Trained Support Teams
We have a team of GDPR trained support teams to ensure data does not leave the EEA whilst making its way through the support process.
Data Protection Agreements
We are encouraging all of our customers and suppliers to sign our Data Protection Agreement (DPAs).
Appointed a Data Protection Officer
We have appointed an internal Data Protection Officer to ensure we monitor and maintain GDPR compliance.
Infrastructure and Routing that guarantees data is kept in the EU
Although not strictly mandated by GDPR, we have created a European Economic Area (EEA) messaging infrastructure to help enterprises meet GDPR requirements, this will ensure the protection of personal data and message routing via our Tier 1 connections to EEA based Carriers and Operators.
This new API guarantees that message data will remain in the EEA by leveraging our vast Tier 1 Network. This will allow the creation of a GDPR specific routing class that ensures messages sent to consumers (Data Subjects) in the EU will only use mobile network operators located within the EU, without having to hand-off any data to third parties.
Some communication providers operate an architecture that could allow personal data to flow through countries outside the EEA, for many enterprises, particularly in the Government, Banking and Financial Services sectors, keeping data within the EEA block is the only way of guaranteeing messages fall within the GDPR requirements.
Find out more about our EEA messaging infrastructure here.
Robert Gerstmann, Chief Evangelist at CLX Communications
Client Data Protection Agreement
If you’re a CLX client sign our new Data Protection Agreement to be legally covered for GDPR compliance regarding CLX acting as a data processor for your data. Click here to request the document.
An Illustrated Guide to GDPR
This illustrated guide to GDPR from Teach Privacy is a handy reference tool to explain GDPR in simple terms. It lays out all the roles of those involved in complying with GDPR, as well as their responsibilities. It also explains the rights of consumers, or ‘data subjects’, whose data is being stored and processed by businesses offering goods or services within the EU.
Click the image to enlarge.